Dr. Stephen Henson
d83dde6180
Merge changes to build system from fips branch.
2008-09-16 21:44:57 +00:00
Dr. Stephen Henson
bd72b8eca6
Stop warnings about value not used.
2008-09-14 15:46:36 +00:00
Dr. Stephen Henson
fd43ae3fe4
Fix flag clash... only used internally when policy checking is
...
enabled.
2008-08-31 11:15:35 +00:00
Dr. Stephen Henson
a750273546
Fix from HEAD.
2008-08-02 11:17:04 +00:00
Dr. Stephen Henson
4231b356aa
Fix from HEAD.
2008-07-30 15:42:19 +00:00
Dr. Stephen Henson
3562202306
Fix from HEAD.
2008-07-13 22:38:52 +00:00
Dr. Stephen Henson
2bf4b96aef
Update from HEAD.
2008-07-13 15:56:01 +00:00
Dr. Stephen Henson
811e08a2c5
Update from HEAD.
2008-07-13 14:33:16 +00:00
Dr. Stephen Henson
a523276786
Backport certificate status request TLS extension support to 0.9.8.
2007-10-12 00:00:36 +00:00
Dr. Stephen Henson
927a28ba3b
gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL.
...
Fix various "computed value not used" warnings too.
2007-09-06 12:43:54 +00:00
Dr. Stephen Henson
3380c52f15
Stop memory leak.
2007-03-05 00:06:47 +00:00
Dr. Stephen Henson
e31c620686
Update from fips2 branch.
2007-02-03 17:32:14 +00:00
Dr. Stephen Henson
4a0d3530e0
Update from HEAD.
2007-01-21 13:16:49 +00:00
Richard Levitte
e25eb309ec
From HEAD
2006-12-26 21:23:38 +00:00
Dr. Stephen Henson
9b945233b1
Update from HEAD.
2006-12-06 13:38:59 +00:00
Dr. Stephen Henson
34a8c7ec87
Win32 fixes.
...
Use OPENSSL_NO_RFC3779 instead of OPENSSL_RFC3779: this makes the Win32 scripts
work and is consistent with other options.
Fix Win32 scripts and Configure to process OPENSSL_NO_RFC3779 properly.
Update ordinals.
Change some prototypes for LSB because VC++ 6 doesn't like the */ sequence and thinks it is an invalid end of comment.
2006-11-30 13:04:43 +00:00
Ben Laurie
4636341b05
Add RFC 3779 support, contributed by ARIN.
2006-11-27 13:36:55 +00:00
Dr. Stephen Henson
115fc340cb
Rebuild error file C source files.
2006-11-21 20:14:46 +00:00
Dr. Stephen Henson
20d6182f33
Typo.
2006-10-05 21:59:09 +00:00
Nils Larsch
22d1087e16
backport recent changes from the cvs head
2006-02-08 19:16:33 +00:00
Dr. Stephen Henson
9f85fcefdc
Update filenames in makefiles
2006-02-04 01:49:36 +00:00
Bodo Möller
c55d882fab
Avoid contradictive error code assignments.
...
"make error".
2006-01-08 21:52:46 +00:00
Nils Larsch
62b6cd007f
fix potential memory leak + improved error checking
...
PR: 1182
2005-08-05 09:41:24 +00:00
Nils Larsch
3de6d65ea3
improved error checking and some fixes
...
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
2005-07-26 20:55:17 +00:00
Dr. Stephen Henson
b18165301d
Update from head.
2005-07-25 18:40:09 +00:00
Dr. Stephen Henson
c4b13b0268
Reorder extensions to account for synced OID table.
2005-06-22 17:28:55 +00:00
Dr. Stephen Henson
1f93c96e63
Fix extension ordering.
2005-06-22 13:25:38 +00:00
Andy Polyakov
ce92b6eb9c
Further BUILDENV refinement, further fool-proofing of Makefiles and
...
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342 .
2005-05-16 16:55:47 +00:00
Andy Polyakov
81a86fcf17
Fool-proofing Makefiles
2005-05-15 22:23:26 +00:00
Bodo Möller
8afca8d9c6
Fix more error codes.
...
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
2005-05-11 03:45:39 +00:00
Dr. Stephen Henson
29dc350813
Rebuild error codes.
2005-04-12 16:15:22 +00:00
Richard Levitte
4bb61becbb
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
Richard Levitte
d9bfe4f97c
Added restrictions on the use of proxy certificates, as they may pose
...
a security threat on unexpecting applications. Document and test.
2005-04-09 16:07:12 +00:00
Ben Laurie
42ba5d2329
Blow away Makefile.ssl.
2005-03-30 13:05:57 +00:00
Richard Levitte
a7201e9a1b
Changes concering RFC 3820 (proxy certificates) integration:
...
- Enforce that there should be no policy settings when the language
is one of id-ppl-independent or id-ppl-inheritAll.
- Add functionality to ssltest.c so that it can process proxy rights
and check that they are set correctly. Rights consist of ASCII
letters, and the condition is a boolean expression that includes
letters, parenthesis, &, | and ^.
- Change the proxy certificate configurations so they get proxy
rights that are understood by ssltest.c.
- Add a script that tests proxy certificates with SSL operations.
Other changes:
- Change the copyright end year in mkerr.pl.
- make update.
2005-01-17 17:06:58 +00:00
Richard Levitte
6951c23afd
Add functionality needed to process proxy certificates.
2004-12-28 00:21:35 +00:00
Dr. Stephen Henson
a0e7c8eede
Add lots of checks for memory allocation failure, error codes to indicate
...
failure and freeing up memory if a failure occurs.
PR:620
2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
8f284faaec
V1 certificates that aren't self signed can't be accepted as CAs.
2004-12-03 00:10:34 +00:00
Richard Levitte
5073ff0346
Split X509_check_ca() into a small self and an internal function
...
check_ca(), to resolve constness issue. check_ca() is called from the
purpose checkers instead of X509_check_ca(), since the stuff done by
the latter (except for calling check_ca()) is also done by
X509_check_purpose().
2004-11-30 12:18:55 +00:00
Richard Levitte
30b415b076
Make an explicit check during certificate validation to see that the
...
CA setting in each certificate on the chain is correct. As a side-
effect always do the following basic checks on extensions, not just
when there's an associated purpose to the check:
- if there is an unhandled critical extension (unless the user has
chosen to ignore this fault)
- if the path length has been exceeded (if one is set at all)
- that certain extensions fit the associated purpose (if one has been
given)
2004-11-29 11:28:08 +00:00
Richard Levitte
a2ac429da2
Don't use $(EXHEADER) directly in for loops, as most shells will break
...
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Dr. Stephen Henson
637ff35ef6
Delta CRL support in extension code.
2004-07-06 17:16:40 +00:00
Dr. Stephen Henson
eea674567c
Delete non-POSIX header file.
2004-07-04 16:48:27 +00:00
Geoff Thorpe
9c52d2cc75
After the latest round of header-hacking, regenerate the dependencies in
...
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
2004-05-17 19:26:06 +00:00
Geoff Thorpe
0f814687b9
Deprecate the recursive includes of bn.h from various API headers (asn1.h,
...
dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are
already declared in ossl_typ.h. Add explicit includes for bn.h in those C
files that need access to structure internals or API functions+macros.
2004-05-17 19:14:22 +00:00
Geoff Thorpe
c57bc2dc51
make update
2004-04-19 18:33:41 +00:00
Dr. Stephen Henson
b6a5fdb8a7
Don't use C++ reserved word.
2004-04-01 22:23:46 +00:00
Dr. Stephen Henson
ecf139917d
New function X509_POLICY_NODE_print()
2004-03-31 12:17:24 +00:00
Dr. Stephen Henson
5d6383c83f
Make {i2v,v2i}_ASN1_BIT_STRING global.
...
make update
2004-03-28 12:40:11 +00:00
Dr. Stephen Henson
b79c82eaab
Fix loads of warnings in policy code.
...
I'll remember to try to compile this with warnings enabled next time :-)
2004-03-25 13:45:58 +00:00